StarRailBase[.]dll | Triage

Sharing

General

Target

StarRailBase.dll
Size

4KB
MD5

f1d1dbddc2ff603b0d58dd969e0a24a8
SHA1

4527b754718e9767ad0a1b4051544e23494ff511
SHA256

801b0b95527f98b1e5de4f92886e355ebe548c74257e736727c88c7507203b28
SHA512

2eb669ddcfafb1fdd973101b7575902ee2b82b40cb4836c0a84430d86672ceb9040139513b3d17c2cd5ab0d9dbc4f99df745ed461648a345cc13fbab1216eb1c
SSDEEP

48:qZITVmb0V3vYQ/qpUE474DMxdkCFZPSPeJeg:BTVmbK/mAsMxd3Ag

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
StarRailBase.dll

Files

StarRailBase.dll
.dll windows:6 windows x64 arch:x64

cbc20d2f46172e262aa9d4f902b2d962

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
MoveFileA
FindFirstFileA
WriteFile
FindNextFileA
lstrlenA
FindClose
lstrcatA
CreateFileA
lstrcpyA
CloseHandle
SetFilePointerEx
lstrcmpiA

shell32

SHGetFolderPathA

Exports

Exports

K

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ